/** * Replace the security permissions currently assigned to a user with those in the supplied User object * @param $user User */ public function SaveUserSecurity(User $user) { $user_table = $this->GetSettings()->GetTable("User"); $roles = $this->GetSettings()->GetTable("UserRole"); $user_id = Sql::ProtectNumeric($user->GetId(), false, false); # First update main user table $sql = "UPDATE {$user_table} SET disabled = " . Sql::ProtectBool($user->GetAccountDisabled()) . " WHERE user_id = {$user_id}"; $this->GetDataConnection()->query($sql); # Remove existing roles $sql = "DELETE FROM {$roles} WHERE user_id = " . $user_id; $this->GetDataConnection()->query($sql); # Add replacement roles foreach ($user->Roles() as $role) { $this->AddUserToRole($user->GetId(), $role->GetRoleId()); } }